{"id":24165,"date":"2025-05-06T10:30:13","date_gmt":"2025-05-06T17:30:13","guid":{"rendered":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/?p=24165"},"modified":"2025-05-06T07:40:21","modified_gmt":"2025-05-06T14:40:21","slug":"nested-app-authentication-now-generally-available-across-microsoft-365","status":"publish","type":"post","link":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/nested-app-authentication-now-generally-available-across-microsoft-365\/","title":{"rendered":"Nested App Authentication: Now generally available across Microsoft 365"},"content":{"rendered":"<p>Last year, we introduced Nested App Authentication (NAA) in public preview as a modern protocol for simplifying authentication for <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoftteams\/platform\/tabs\/what-are-tabs?tabs=personal\" target=\"_blank\" rel=\"noopener\">Personal Tab Teams apps<\/a> that run across Microsoft Teams, Outlook, and Microsoft 365. Today, we&#8217;re excited to announce that NAA is now generally available across all hosts and platforms.<\/p>\n<h2><strong>What&#8217;s new &amp; why you should adopt NAA<\/strong><\/h2>\n<p>Nested App Authentication delivers a more secure and consistent sign-in experience while simplifying development:<\/p>\n<ul>\n<li>Delivers platform support and simplifies integration &#8211; NAA is now fully supported on desktop, mobile, and web for Personal tab Teams Apps running on Teams, Outlook, Office, and for Office Add-ins in Outlook. By leveraging <a href=\"https:\/\/github.com\/AzureAD\/microsoft-authentication-library-for-js\/tree\/dev\" target=\"_blank\" rel=\"noopener\">Microsoft Authentication Library (MSAL.js)<\/a>, you can fetch tokens directly from client code without the need for a middle-tier service.<\/li>\n<li>Enables incremental and dynamic consent for scope permissions \u2013 allowing you to request tokens for any AAD-protected resource the user has consented to, without having to specify the resource in the app manifest or use the OBO flow.<\/li>\n<li>Removes the reliance on third-party cookies for authenticating users in supported web-hosts, so when cookies are blocked the user can still authenticate without any UX interruptions to their workflow.<\/li>\n<\/ul>\n<h2>How to get started<\/h2>\n<p>To enable Nested App Authentication, follow these steps:<\/p>\n<ol>\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/entra\/identity-platform\/scenario-spa-app-registration\">Register Your App with Entra ID<\/a><\/li>\n<li>Update Redirect URIs<\/li>\n<li>Integrate the Latest SDK \u2013 latest <a href=\"https:\/\/learn.microsoft.com\/javascript\/api\/overview\/msteams-client\">Microsoft Teams JavaScript SDK<\/a><\/li>\n<li>Add a Fallback Authentication Method (in case the app runs on legacy, unsupported hosts)<\/li>\n<li>Test Across Environments (Mobile, Web, Desktop, etc.)<\/li>\n<\/ol>\n<p>For detailed guidance, visit our <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoftteams\/platform\/concepts\/authentication\/nested-authentication\">Nested App Authentication documentation<\/a> and <a href=\"https:\/\/github.com\/OfficeDev\/Microsoft-Teams-Samples\/tree\/main\/samples\/tab-nested-auth\/nodejs\">sample app repository<\/a>. For Outlook Add-in support, read the <a href=\"https:\/\/learn.microsoft.com\/en-us\/office\/dev\/add-ins\/develop\/enable-nested-app-authentication-in-your-add-in\">Office Add-in with nested app authentication documentation.<\/a><\/p>\n<p>We value the feedback from our developer community that helped shape NAA into a robust authentication solution. Dive in today to build more secure, consistent, and scalable applications across Microsoft 365.<\/p>\n<p>Happy coding!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Get started with Nested App Authentication, a modern protocol for simplifying authentication for Personal Tab Teams apps that run across Microsoft 365.<\/p>\n","protected":false},"author":189509,"featured_media":24172,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1,128],"tags":[225,373,310,12],"class_list":["post-24165","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-microsoft-365-developer","category-microsoft-teams","tag-microsoft-365","tag-naa","tag-nested-app-authentication","tag-outlook"],"acf":[],"blog_post_summary":"<p>Get started with Nested App Authentication, a modern protocol for simplifying authentication for Personal Tab Teams apps that run across Microsoft 365.<\/p>\n","_links":{"self":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/24165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/users\/189509"}],"replies":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/comments?post=24165"}],"version-history":[{"count":0,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/posts\/24165\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media\/24172"}],"wp:attachment":[{"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/media?parent=24165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/categories?post=24165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/devblogs.microsoft.com\/microsoft365dev\/wp-json\/wp\/v2\/tags?post=24165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}